X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Ftransport.texi;h=f5ca87e1f0576df4af79d0df51595a16caf4c64f;hb=2d7f9b64e8af5da9bb4469a01f22fd5171446710;hp=4e26785b409c9138cba94e8282d469c71fc24ff8;hpb=cf8a56bc7e7ccfb18a9ef175ca363eb5cad34cf4;p=govpn.git

diff --git a/doc/transport.texi b/doc/transport.texi
index 4e26785..f5ca87e 100644
--- a/doc/transport.texi
+++ b/doc/transport.texi
@@ -36,7 +36,7 @@ XTEA's encryption key is the first 128-bit of Salsa20's output with
 established common key and zero nonce (message nonces start from 1).
 
 @verbatim
-PRP_KEY = ENCRYPT(KEY, 0, 128-bit)
+PRP_KEY = 128bit(ENCRYPT(KEY, 0))
 @end verbatim
 
 @code{ENCRYPT} is Salsa20 stream cipher, with established session
@@ -52,8 +52,19 @@ length.
 Salsa20's output are used as a one-time key for @code{AUTH}.
 
 @verbatim
-AUTH_KEY = ENCRYPT(KEY, NONCE, 256 bit)
+AUTH_KEY = 256bit(ENCRYPT(KEY, NONCE))
 @end verbatim
 
 To prevent replay attacks we must remember received @code{SERIAL}s and
 drop when receiving duplicate ones.
+
+In @ref{Encless, encryptionless mode} this scheme is slightly different:
+
+@verbatim
+ PACKET = ENCODED || NONCE
+ENCODED = ENCLESS(DATA || PAD || ZEROS)
+  NONCE = PRP(PRP_KEY, SERIAL)
+@end verbatim
+
+@code{ENCLESS} is AONT and chaffing function. There is no need in
+explicit separate authentication.